From: M S (michaelgstout@hotmail.com)
Date: Wed Jul 11 2007 - 01:47:21 ART
Didn't think of that
Thank You.!
--------------------------------------------------------------------
From: sam s <samarth_04@hotmail.com>
To: M S <michaelgstout@hotmail.com>, <ccielab@groupstudy.com>
Subject: RE: CBAC interfaces
Date: Wed, 11 Jul 2007 10:02:57 +0530
I would do any of these methods.....
1)
int s0/0
ip access-group ACL in (your deny ext acl)
int f0/0
ip inspect CBAC in
2)
int s0/0
ip inspect CBAC out
ip access-group ACL in (your deny ext acl)
Best Wishes,
SAMARTH
> From: michaelgstout@hotmail.com
> To: ccielab@groupstudy.com
> Subject: CBAC interfaces
> Date: Tue, 10 Jul 2007 21:05:29 -0700
>
> Hello:
> I am working on my weak security areas.
> I have a router with two interfaces Ethernet Lan and a serial
connection
> to the cloud.
> I want to protect the users on my LAN.
> I thnk the list will go something like this.
> Please correct me if i am wrong
> interface fast0/0
> ip access-group ACL in
> ip inspect CBAC out
>
> ip access-list ext ACLdeny ip any
>
> ip inspect name CBAC tcp
>
> Thank you for the help.
>
>
------------------------------------------------------------------------
>
> Need a brain boost? Recharge with a stimulating game. Play now!
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
------------------------------------------------------------------------